Oh ... yes.
Here the log
This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.
NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.
*** [ INITIALIZING ]
[i] 2018-06-05:16:56:45 debug log has been initialized.
*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...
*** [ DIAGNOSING ]: Core version
[i] Core: v3.3.1 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v3.3.1-0-gfbee18e
*** [ DIAGNOSING ]: Web version
[i] Web: v3.3 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v3.3-0-ge48aa29
*** [ DIAGNOSING ]: FTL version
[✓] FTL: v3.0
*** [ DIAGNOSING ]: dnsmasq version
[i] 2.76
*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.45
*** [ DIAGNOSING ]: php version
[i] 7.0.27
*** [ DIAGNOSING ]: Operating system
[✓] Debian GNU/Linux 9 (stretch)
*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected
*** [ DIAGNOSING ]: Processor
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.178.200/24 matches the IP found in /etc/pihole/setupVars.conf
[✓] IPv6 address(es) bound to the eth0 interface:
2a05:5800:0:f101:c9ef:454f:a993:68d9 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
2a05:5800:0:f101:738b:2a2a:f29b:17eb does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
fe80::75c6:e6a8:b862:1ac3 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.
The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.
[i] Default IPv4 gateway: 192.168.178.1
192.168.178.1
* Pinging 192.168.178.1
192.168.178.1...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)
[i] Default IPv6 gateway: fe80::3631:c4ff:feff:8c9b
fe80::3631:c4ff:feff:8c9b
* Pinging fe80::3631:c4ff:feff:8c9b
fe80::3631:c4ff:feff:8c9b...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)
*** [ DIAGNOSING ]: Ports in use
[139] is in use by smbd
[22] is in use by sshd
[3389] is in use by xrdp
[445] is in use by smbd
[51413] is in use by transmiss
[53] is in use by dnsmasq
[63857] is in use by deluge-gt
[80] is in use by lighttpd
[8090] is in use by java
[9091] is in use by transmiss
[] is in use by
[] is in use by
[] is in use by
[3306] is in use by mysqld
[4711] is in use by pihole-FTL
[631] is in use by cupsd
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] banquepopulaire.fr.portailinternet.pages.default.aspx.poodine.com is 192.168.178.200 via localhost (127.0.0.1)
[✓] banquepopulaire.fr.portailinternet.pages.default.aspx.poodine.com is 192.168.178.200 via Pi-hole (192.168.178.200)
[✓] doubleclick.com is 172.217.23.174 via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] popcpv.com is 2a05:5800:0:f101:64ba:f5d6:5f7:71c6 via localhost (::1)
[✓] popcpv.com is 2a05:5800:0:f101:64ba:f5d6:5f7:71c6 via Pi-hole (2a05:5800:0:f101:64ba:f5d6:5f7:71c6)
[✓] doubleclick.com is 2a00:1450:4001:81a::200e via a remote, public DNS server (2001:4860:4860::8888)
*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is failed
[✗] lighttpd daemon is failed
[✓] pihole-FTL daemon is active
*** [ DIAGNOSING ]: Setup variables
DNSMASQ_LISTENING=all
PIHOLE_DNS_3=2001:4860:4860:0:0:0:0:8844
PIHOLE_DNS_4=208.67.222.222
PIHOLE_DNS_5=208.67.220.220
PIHOLE_DNS_6=2620:0:ccc::2
PIHOLE_DNS_7=2620:0:ccd::2
PIHOLE_DNS_8=9.9.9.9
PIHOLE_DNS_9=149.112.112.112
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=true
CONDITIONAL_FORWARDING=false
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.178.200/24
IPV6_ADDRESS=2a05:5800:0:f101:64ba:f5d6:5f7:71c6
PIHOLE_DNS_1=208.67.222.222
PIHOLE_DNS_2=208.67.220.220
QUERY_LOGGING=true
INSTALL_WEB=true
LIGHTTPD_ENABLED=1
*** [ DIAGNOSING ]: Dashboard and block page
[✗] X-Header does not match or could not be retrieved.
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 05 Jun 2018 14:57:02 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 11 May 2018 11:12:32 GMT
Connection: keep-alive
ETag: "5af57aa0-264"
Accept-Ranges: bytes
[✗] X-Header does not match or could not be retrieved.
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 05 Jun 2018 14:57:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: PHPSESSID=1519mkenhcch2c1pb0lguv8en0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 13647464 Jun 4 17:26 /etc/pihole/gravity.list
-----head of gravity.list------
192.168.178.200 -rotation.de
2a05:5800:0:f101:64ba:f5d6:5f7:71c6 -rotation.de
192.168.178.200 .wisepops.com
2a05:5800:0:f101:64ba:f5d6:5f7:71c6 .wisepops.com
-----tail of gravity.list------
192.168.178.200 zzzrtrcm2.com
2a05:5800:0:f101:64ba:f5d6:5f7:71c6 zzzrtrcm2.com
192.168.178.200 ||app-measurement.com
2a05:5800:0:f101:64ba:f5d6:5f7:71c6 ||app-measurement.com
*** [ DIAGNOSING ]: contents of /etc/pihole
-rw-r--r-- 1 root root 1423 Jun 2 23:44 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win7/spy.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win81/spy.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt
https://filters.adtidy.org/extension/chromium/filters/3.txt
https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt
https://adaway.org/hosts.txt
https://secure.fanboy.co.nz/easyprivacy.txt
https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext&_=211989
https://easylist.to/easylist/easyprivacy.txt
http://www.malwaredomainlist.com/hostslist/hosts.txt
https://filters.adtidy.org/extension/chromium/filters/14.txt
https://fanboy.co.nz/fanboy-annoyance.txt
-rw-r--r-- 1 root root 0 Jun 3 21:49 /etc/pihole/blacklist.txt
-rw-r--r-- 1 root root 134 Jun 4 17:26 /etc/pihole/local.list
192.168.178.200 rock64
2a05:5800:0:f101:64ba:f5d6:5f7:71c6 rock64
192.168.178.200 pi.hole
2a05:5800:0:f101:64ba:f5d6:5f7:71c6 pi.hole
-rw-r--r-- 1 root root 234 Jun 4 17:38 /etc/pihole/logrotate
/var/log/pihole.log {
su root root
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root root
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}
-rw-r--r-- 1 root root 71 Jun 3 21:49 /etc/pihole/whitelist.txt
fritz.box
duckduckgo.com
stackoverflow.com
medium.com
outlook.live.com
*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d
-rw-r--r-- 1 root root 1908 Jun 4 17:38 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries=extra
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=208.67.222.222
server=208.67.220.220
server=2001:4860:4860:0:0:0:0:8844
server=208.67.222.222
server=208.67.220.220
server=2620:0:ccc::2
server=2620:0:ccd::2
server=9.9.9.9
server=149.112.112.112
domain-needed
bogus-priv
dnssec
trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
except-interface=nonexisting
*** [ DIAGNOSING ]: contents of /etc/lighttpd
-rw-r--r-- 1 root root 3027 Jun 4 17:38 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"
' 2>/dev/null"
$HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
$HTTP["url"] =~ ".ttf$" {
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
}
}
$HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("")
}
include_shell "cat external.conf 2>/dev/null"
*** [ DIAGNOSING ]: contents of /etc/cron.d
-rw-r--r-- 1 root root 1495 Jun 4 17:38 /etc/cron.d/pihole
25 4 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
5 15 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot
*** [ DIAGNOSING ]: contents of /var/log/lighttpd
*** [ DIAGNOSING ]: contents of /var/log
*** [ DIAGNOSING ]: Pi-hole log
-rw-r----- 1 nobody root 0 Jun 4 17:20 /var/log/pihole.log
-----head of pihole.log------
********************************************
********************************************
[✓] ** FINISHED DEBUGGING! **
* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[i] Debug script running in automated mode
* Using openssl for transmission.
***********************************
***********************************
[✓] Your debug token is: Use netcat.
***********************************
***********************************
* Provide the token above to the Pi-hole team for assistance at
* https://discourse.pi-hole.net
* Your log will self-destruct on our server after 48 hours.
* A local copy of the debug log can be found at: /var/log/pihole_debug-sanitized.log[/spoiler]
Things that make me wonder:
192.168.178.1
[✗] dnsmasq daemon is failed
==> dnsmasq runs fine and blocks all bad traffic.
[✗] lighttpd daemon is failed
==> I use nginx.
